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1 I. INTRODUCTION 

2 This case pits a small, innovative industry pioneer against a monopolistic giant whose 

3 ruthless, anticompetitive tactics are legendary. InterTrust invented the field of Digital Rights 

4 Management ("DRM"). Microsoft praised InterTrust's work as revolutionary, negotiated with 

5 InterTrust for a license to InterTrust's technology and patents, then broke off negotiations and 

6 unilaterally designed InterTrust's innovations into a large portion of Microsoft's product line. 

7 InterTrust, however, has one asset Microsoft's other victims did not possess: long before 

8 Microsoft had even heard of Digital Rights Management, InterTrust filed foundational patents in 

9 the field, patents that now read directly on major Microsoft initiatives in this area. 

1 0 Microsoft now seeks to avoid the consequences of its actions by urging this Court to 

11 adopt claim constructions that would render the InterTrust claims meaningless. Microsoft would 

1 2 have this Court read a single, two thousand word definition into every single InterTrust claim, a 

13 definition at least twenty times longer than any claim construction ever adopted by any Court, 

14 and almost certainly far longer than any definition ever even proposed. No jury could possibly 

1 5 comprehend Microsoft's two thousand word definition, much less apply it in any meaningful 

1 6 way. 

1 7 Nor could any jury meaningfully apply numerous other claim construction proposals 

18 from Microsoft, many of which amount to hundreds of words of highly complicated text. 

1 9 Microsoft's constructions improperly read dozens of detailed limitations from specification 

20 embodiments into the claims and incorporate numerous other restrictions that contradict the 

21 specifications or are made up from whole cloth. Microsoft's proposed definitions are 

22 inconsistent with fundamental canons of claim construction. 

23 By contrast, InterTrust's straightforward claim constructions conform to the plain 

24 language of the claims, informed by the specifications, and provide a clear and informative 

25 blueprint that can easily be understood and applied by the trier of fact. That a straightforward 

26 approach compels a finding of infringement may not be to Microsoft's liking, but it is what the 

27 law requires. 
28 
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II. FACTUAL BACKGROUND 

The InterTrust patents involved in this litigation derive from a foundational patent 
application filed in February 1995. That application resulted from a number of years of 
concentrated work by the four inventors, starting with an investigation first begun by InterTrust 
founder Victor Shear in the 1980s. 1 From InterTrust's inception in 1990 and throughout the 
following decade, Mr. Shear and his colleagues tackled the most intractable difficulties 
confronting the digital marketplace: how to enable authors, publishers, and other owners of 
digital content to distribute and sell that content electronically, while simultaneously protecting 
that content from misuse and piracy. InterTrust not only saw the problems that currently plague 
electronic commerce, it discovered crucial solutions, and then described those solutions in the 
patents that are the subject of this claim construction brief. 

The foundational InterTrust patent application describes an overall "architecture" for 
Digital Rights Management, an integrated approach designed for conducting trusted and secure 
electronic commerce. 2 InterTrust's inventors began thinking about these concepts long before 
the rest of the computer industry, and literally years before Microsoft had given any thought 
whatsoever to DRM. 

InterTrust's design and approach were widely recognized in the industry as 
groundbreaking and revolutionary. For example, one senior Microsoft executive was quoted as 
follows: 

"InterTrust is solving problems that won't be in the mainstream for quite some 
time," says Will Poole, senior director of marketing and business development at 
Microsoft's Streaming Media Division. "It's visionary." 

The Wall Street Journal, April 29, 1999, Page Decl. Exh. A. The InterTrust patents were also 

recognized in the industry as fundamental: "'Before anybody had thought about this stuff, 

Victor Shear] was out there patenting it,' said Kirk Loevner, a.former Apple Computer Inc. 



See Declaration of Michael Page ("Page Decl"), Exh. A, for a more detailed history of 
: iiterTrust. See also Shear Deposition Transcript 1 57: 1 3-1 58:23 (Page Decl., Exh U); 
Supplemental Response of Plaintiff InterTrust Technologies Corp. to Defendant Microsoft 
Corporation's First Set of Interrogatories (Page Decl., Exh. V). 

See Declaration of Dr. Michael Reiter ("Reiter Decl"), ffl 10-15. 
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executive." Id. 

Starting in 1998, Microsoft negotiated for a license to InterTrust's technology and 
patents. These negotiations involved literally dozens of meetings, at which InterTrust made 
significant disclosure of its technical architecture. In 2000, Microsoft terminated these 
discussions. In the same timeframe, Microsoft announced its .NET initiative, a major Microsoft 
project designed to incorporate DRM into all aspects of Microsoft's products. This lawsuit 
followed. 

in. CLAIM CONSTRUCTION PRINCIPLES IN GENERAL 

The landmark case of Markman v. Westview Instruments. Inc.. 517 U.S. 370 (1996), 

made claim construction a question of law for this Court to decide. Since Markman . the Federal 

Circuit has progressively refined the claim-construction process and established a detailed 

methodology for construing patent claims. 

In its significant recent opinion in Texas Digital Systems. Inc. v. Telegenix. Inc.. 308 

F.3d 1193 (Fed. Cir. 2002), the Federal Circuit synthesized the claim construction process and, 

in doing so, defined a roadmap for construing patent claims. First, the ordinary meaning of each 

disputed term is determined. Id at 1202, 1204. There is a "heavy presumption ,, that claim terms 

should be interpreted to "have the ordinary meaning that would be attributed to those words by 

persons skilled in the relevant art." Id. at 1202. The Federal Circuit encourages examination of 

'relevant dictionaries, encyclopedias and treatises" to determine how those in the art would 

understand the claim. Id. at 1205. 

The Federal Circuit has warned against considering the specification and file history 

during this initial step: 

Consulting the written description and prosecution history as a threshold step in 
the claim construction process, before any effort is made to discern the ordinary 
and customary meanings attributed to the words themselves, invites a violation of 
our precedent counseling against importing limitations into the claims. 

. d. at 1204. To avoid this error, the court must first focus on the claim's ordinary meaning. 

. Second, the patent's specification and prosecution history are examined for clear 
evidence tending to rebut the presumption that a term should be given its ordinary meaning. Id, 
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at 1204 ("In short, the presumption in favor of a dictionary definition will be overcome where 
the patentee, acting as his or her own lexicographer, has clearly set forth an explicit definition of 
the term different from its ordinary meaning/'). Such evidence may include use of the term in 
the specification "in a manner clearly inconsistent with [its] ordinary meaning" and "expressions 
of manifest exclusion or restriction" by an inventor that clearly disavow or disclaim scope that 
would have otherwise been encompassed by the term. Id 

"[UJnless compelled otherwise, a court will give a claim term the full range of its i 
ordinary meaning as understood by persons skilled in the relevant art." Id. at 1202. Thus, a 
term's ordinary meaning must be adopted unless clear evidence from the patent's specification or 
prosecution history manifests a departure from the standard usage of the term. Id 

The claim's central role in defining a patentee's invention is also the basis for one of the 
most well-established canons of claim construction: the prohibition against reading features or 
limitations into a claim from the patent specification. See, e.e., McCartv v. Lehigh Valley R.R.. 
160 U.S. 1 10, 1 16 (1895) ("[W]e know of no principle of law which would authorize us to read 
into a claim an element which is not present"); Renishaw PLC v. Marposs Societa' per Azioni, 
158 F.3d 1243, 1248 (Fed. Cir. 1998). This rule follows from the separate purposes of the patent 
specification and claims. The role of the patent specification is to adequately describe the 
invention to enable the public to make and use it once the patent expires. See 35 U.S.C. § 1 12, 
% 1 . The role of the claims is completely different. See SRI Int'l v. Matsushita Electric Corp. of 
Am.. 775 F.2d 1107, 1121 n.14 (Fed. Cir. 1985) ("Specifications teach. Claims claim."). 

Patent claims define the inventor's property right. A patent claim recites a particular 
combination of elements that the inventor believes is different than any combination that has 
existed before. If it is novel, and is also useful and not obvious, the inventor is entitled to a 
patent monopoly for the claimed combination even if it does not include many elements of the 
inventor's preferred embodiment described in .the specification. See, e.g., Renishaw, 158 F.3d at 

248 ("[T]he claims define the scope of the right to exclude; the claim construction inquiry, 
therefore, begins and ends in all cases with the actual words of the claim...."). It is therefore 
x>th unfair and improper to graft unclaimed elements from the inventor's specification onto the 
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claims because doing so cheats the patentee of intellectual property to which he or she is entitled 
by law. See Texas Digital 308 F.3d at 1204 ("But if the meaning of words themselves would 
not have been understood to persons of skill in the art to be limited only to the examples or 
embodiments described in the specification, reading the words in such a confined way would 
mandate the wrong result and would violate our proscription of not reading limitations from the 
specification into the claims .")(emphasis added). 

IV. THE LENGTH AND COMPLEXITY OF MICROSOFT'S PROPOSED 
CONSTRUCTIONS 

Microsoft's proposed constructions are undoubtedly the longest and most complex claim 
constructions ever presented by a patent litigant. Microsoft's definition of VDE alone amounts 
to over 2,000 words, including numerous separately defined terms that are incorporated by 
reference. 3 That definition is over ten times longer than the longest proposed definition 
[nterTrust can find in any Federal Circuit opinion. In fact, as best InterTrust can determine, 
Microsoft's definition is far longer than any claim construction ever proposed by any party in 
my patent litigation. 

Although VDE is Microsoft's longest definition, it is not alone in its excesses: twelve of 
Microsoft's other definitions amount to over one hundred words each. Derwin Decl., ^ 4. Many 
)f these include multiple hundreds of words and incorporate other defined terms by reference. 

InterTrust's patent claims are relatively straightforward. 4 721 Claim 34, for example, 
tmounts to a total of 67 words. Microsoft's VDE definition by itself is more than thirty times 
onger than the entire claim, not to mention much more complex, yet Microsoft seeks to 
^corporate this mammoth definition into the claim despite the fact that the claim itself does not 
ecite a VDE. If Microsoft's constructions were adopted wholesale, the jury instruction 
explaining" this claim by itself would amount to at least 3,000 words, and probably many more. 

No jury could possibly understand or apply constructions of this length and complexity, 
lo jury has ever been asked to do so. Microsoft's proposals are designed to entirely defeat the 
urpose of claim construction, since they would render the claims far more difficult to 
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understand, rather than less: 

[I]n the end, claim construction must result in a phraseology that can be taught to 
a jury of lay people. It is not enough simply to construe the claims so that one 
skilled in the art will have a definitive meaning. Control Resources, Inc. v. Delta 
Electronics, Inc.. 133 F. Supp. 2d 121, 127 (D. Mass. 2001); see MacNeill 
Engineering Co., Inc. v. Trisport, Ltd., 126 F. Supp. 2d 51, 56 (D. Mass. 2001), 
dismissed on appeal; 2001 WL 838410 (Fed. Cir. 2001) ("The Court's 'claim 
construction obligation ... involves not only properly construing the claim 
language so that the litigants (for the most part skilled in the particular art) will 
understand it, but also teaching the chosen construction to the jury in language 
that will inform the jury in plain English the legal framework it must apply in 
order to do justice. '"). 

SKW Ams. v. Euclid Chern. Co.. 231 F. Supp. 2d 626, 639 (N.D. Ohio 2002). 



Definitions so long and complex as to defy meaningful application are per se 
unreasonable. 

V. SPECIFIC CLAIM CONSTRUCTION ISSUES 

This section sets forth a brief statement of InterTrust's position and supporting evidence, 
on each of the specific disputed claim terms. 4 By necessity, these explanations are abbreviated, 
and must be read in conjunction with the proposed claim constructions and supporting evidence 
contained in the Joint Claim Construction Statement ("JCCS")- Given the number of disputed 
terms, and the size and complexity of Microsoft's proposals, it is impossible within the page 
imits of this Memorandum for InterTrust to address all (or even a majority) of the specific issues 
raised by the Microsoft definitions. Instead, this Memorandum will describe evidence 
supporting InterTrust's constructions and will point out one or more significant problems with 
each Microsoft definition. For a more general overview, the accompanying Reiter Declaration 
includes an explanation of the background of the patents and of the claims as a whole, and may 
be consulted by the Court for an understanding of the context in which these claim elements 



Derwin Decl.")> % 3. 

Terms are listed in the order presented in the claims, using the same order as JCCS Exhibit A. 
The parties' proposed constructions can be found at the JCCS Exhibit A and Exhibit B locations 
cited below in the heading of each section. Evidence citations are to JCCS Exhibit C, unless 
otherwise noted. Such citations are given using the tab number from the Exhibit (each tab 
corresponding to a particular defined term), and a letter designating the particular quotation (e.g., 
" (A) is a reference to Exhibit C, Tab 1 ("aspect") and in particular to the quotation designated as 
A". References to Exhibit D are to items contained in the list of evidence submitted by 
Microsoft in Exhibit D to the JCCS. 
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appear. Reiter Dec!., 5-17 and Ex. B. 

The Court should not assume that InterTrust agrees with sections of Microsoft's proposed 

definitions that are not addressed herein. In general, the issues discussed below are exemplary of 

the vast majority of limitations improperly incorporated into the Microsoft definitions: those 

limitations either contradict the specifications, are completely unsupported, or attempt to 

transform preferred embodiments into claim limitations. 

A. Global Requirement of a Virtual Distribution Environment (Ex. A, Row 1, 
Ex. B, Row 24, Ex. C, Tab 24) . 

Microsoft asserts that each and every claim requires a Virtual Distribution Environment 

("VDE"), even though this phrase appears in only one of the twelve claims at issue, and even in 

that claim the phrase is only in the preamble. Microsoft's definition of Virtual Distribution 

Environment includes 690 words, and incorporates separately defined terms that bring the total 

to over 2,000 words of text. Microsoft thus asks the Court to read an extraneous 2,000 word 

definition into every single claim . 

In the current section, InterTrust will discuss Microsoft's Global Construction position. 

Issues raised by the definition itself are discussed below, in Section Y. 

1. The eleven claims other than 900.155- do not recite a "Virtual 

Distribution Environment" and do not contain any language implying 
any such requirement 

None of the eleven claims other than 900.155 includes any mention of a VDE. 

Moreover, none of those claims contains any language from which inclusion of a VDE limitation 

can be inferred. 1-93.1, for example, recites a method that can be performed by a single user: a 

music file is received, control(s) are used to determine if the music file can be copied to a second 

device (e.g., a portable music player); if the control(s) allow the transfer, the music file is 

transferred to the second device and the music is played through an audio output at that device. 

See Reiter Decl, Ex. B, p. 1 . 

Compare this claim to Microsoft's definition of VDE. The first numbered paragraph of 

that definition is titled "Data Security and Commerce World," and describes a "multi-node world 



Claim 155 of the '900 patent. 
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(community)," recites guarantees provided to "all" participants, and expressly excludes 

"anything less than or different than this." The sixth numbered paragraph specifies that "each 

VDE node has the innate ability to perform any role identified in the patent application (e.g., end 

user, content packager, distributor, Clearinghouse, etc.)" The seventh numbered paragraph is 

titled "Comprehensive Range of Functions" and states that "VDE comprehensively governs 

(Controls) all security and commerce activities identified in the patent application, including (a) 

metering, budgeting, monitoring, reporting, and auditing information usage, (b) billing and 

paying for information usage, and (c) negotiating, signing and enforcing contracts ....** 

None of these elements has anything to do with the claim at issue. 193.1 does not require 

a "world," nor a multi-node community, nor guarantees to "all" participants. 193. 1 does not 

mention or require content packagers, distributors or clearinghouses, nor does it have any 

language requiring or suggesting that "each" VDE node can play any role. 

Similar points can be made relating to the other sections of the Microsoft definition. 

These and many other requirements from Microsoft's 2,000 word definition of VDE are 

completely irrelevant to 193.1, and equally irrelevant to the other claims at issue in this litigation. 

or example, 721 .1 consists of 67 words, not one of which requires, implies or even relates to the 

VDE limitations Microsoft seeks to graft onto it. The absurdity of reading 2,000 additional 

words of limitation into a 67-word claim is obvious. 

2. Incorporation of Virtual Distribution Environment into Claims 
Neither Reciting Nor Implying Such a Limitation Is Improper. 

The evidence cited by Microsoft in Exhibit D to the JCCS indicates that Microsoft 

intends to argue that statements in the 1 193 and '683 patents regarding the "invention" compel 

reading all elements of a VDE into all claims. Although statements in an application regarding 

the "invention" may be taken into account in claim interpretation, neither the Federal Circuit nor 

any District Court has ever used such statements to read elements such as those proposed by . 

Microsoft into all claims. Instead, the case law is clear that, under circumstances such as those 

presented in this case, statements in a patent's specification about the "invention" do not serve to 

imit the scope of issued claims. 
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a. The eleven claims other than 900.155 contain no limitations relating to 
a Virtual Distribution Environment 

According to the Federal Circuit, statements in an application regarding the invention 

cannot be read into the claims absent a relevant limitation in the claims themselves. For 

example, in Amgen Inc. v. Hoechst Marion RousseL Inc., 314 F.3d 1313 (Fed. Cir. 2003), 

although the patent specification stated that, "the invention [was] 'uniquely characterized' by" a 

particular element in dispute, the asserted claims made no reference to that element, and the 

Federal Circuit held as follows: 

The statement that the invention is "uniquely characterized" by the expression of 
exogenous DNA sequences does not impel us to accept TKT's position when the 
asserted claims do not contain such an express limitation. 

314F.3dat 1326. 

The Federal Circuit ruled similarly in Renishaw PLC v. Marposs Societa' Per Azioni. 

158 F.3d 1243 (Fed. Cir. 1998): 

[I]t is manifest that a claim must explicitly recite a term in need of definition 
before a definition may enter the claim from the written description. . . . 

Thus, a party wishing to use statements in the written description to confine or 
otherwise affect a patent's scope must, at the very least, point to a term or terms in 
the claim with which to draw in those statements. Without any claim term that is 
susceptible of clarification by the written description, there is no legitimate way to 
narrow the property right. 

158 F.3d 1243, 1248. 

The eleven claims other than 900. 155 do not recite a VDE. Nor do they include any 

other limitations that require one. Reiter Decl., ^ 20-23. 

b. Statements in the specifications do not clearly disclaim patentable 
subject matter, and therefore cannot be used to limit the claims. 

The Federal Circuit has repeatedly held that, in order to limit the scope of a claim, 

specification statements about the "invention" must clearly and unambiguously exclude or 

disclaim certain embodiments. As noted, in Amgen the patent specification stated that, "the 

invention is 'uniquely characterized' by" a particular element. 314 F.3d at 1326. The Federal 

Circuit held, however, that this statement could not limit the claims: "Amgen' s statements 

simply do not clearly indicate that exogenous expression is the only possible mode of the 
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invention or that other methods were outside the stated purpose of the invention." 314 F.3d at 
1334. 

Likewise, in Honeywell Inc. v. Victor Co. of Japan, Ltd., 298 F.3d 1317 (Fed. Cir. 2002), 
the Federal Circuit held- that, in order to be given effect as a claim limitation, "invention" 
language in the specification must constitute a "broad and unequivocal" disclaimer, such as an 
explicit statement in the specification that "all embodiments of the present invention" include a 
specific feature. 298 F.3d at 1325. See also Teleflex, Inc. v. Ficosa North America Corp.. 299 
F.3d 1313,1324 (Fed. Cir. 2002) (requiring "expressions of manifest exclusion or restriction, 
representing a clear disavowal of claim scope"); Moore U.S.A., Inc. v. Standard Reeister Co.. 
229 F.3d 1091 , 1 1 1 1 (Fed. Cir. 2000) (references to the "present invention" or "aspects" of the 
present invention" did not constitute claim limitations), cert, denied, 532 U.S. 1008 (2001). 

The Federal Circuit has also held that specification statements about the importance of 

features or the intent to solve certain problems do not govern claim construction in the absence 

of express related language in the claims: 

[T]he fact that the claimed composition was designed to solve certain problems of 
the prior art and the fact that the patentee noted the functional import of having a 
homogeneous cast does not mean that we must attribute a function to the 
nonfunctional phrase "substantially uniform." Where the function is not recited in 
the claim itself by the patentee, we do not import such a limitation. 

Ecolab. Inc. v. Envirochem. Inc.. 264 F.3d 1358, 1367 (Fed. Cir. 2001). 
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The InterTrust specifications contain no language even remotely similar to the statement 

in Am gen that the invention was '^uniquely characterized" by an element, a statement the Federal 

Circuit found insufficient to act as a binding limitation on all'claims. The specifications contain 

no explicit disclaimers of any subject matter, nor are there any unambiguous (or even 

ambiguous) statements to the effect that all embodiments other than a complete VDE are outside 

the scope of the patents. 

c. Specification statements about the "invention" are only one factor in 
claim interpretation, and must be interpreted in light of the entire 
specification and file history. 

Specification statements about "the invention" must be read in light of the specification 

and file history as a whole, and such statements do not limit the claims if the rest of the 
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specification and file history do not indicate that such a limitation was intended. Rambus Inc. v. 



Infineon Techs. Ag . 318 F.3d 1081, 1094-95 (Fed. Cir. 2003).' 



In the present case, there are numerous aspects of the specification and file history that 

contradict Microsoft's argument that VDE must be read into all the claims. 

(i) The Patent Office ruled that the parent InterTrust patent 

application involved five separate and independent classes of 
invention. 

Although Microsoft would have the Court read the patent specifications as if they 
described a single "invention," and thereby read that "invention" into every single claim, the file 
history conclusively rebuts that argument. Not only did the Patent Office not find that the 
InterTrust specification described a single invention, it held that the parent InterTrust patent 
application claimed five separate categories of invention. It further held that these categories of 
invention each had "separate utility" separate and apart from any overall combination (e.g., a 
VDE). September 25, 1996 Office Action, pp. 2-3 (24(BB)). The Patent Office's ruling 
included the following text: 

1 . Restriction to one of the following inventions is required under 35 U.S.C. § 121 : 

Group I . . . drawn to a secure component-based operating process, classified in Class 
380, subclass 25. 

Group II. . . . drawn to method(s) for managing a resource or operating, classified in 
Class 380, subclass 4. 

Group III drawn to a secure method, classified in Class 380, subclass 3. 

Group IV. . . . drawn to [a] method of negotiating electronic contracts, classified in Class 
364, subclass 401. 

Group V. . . . drawn to methods of auditing a resource, classified in Class 364, subclass 
406. 

The inventions are distinct, each from the other because of the following reasons : 

2. Inventions of Groups I-V are related as subcombinations disclosed as usable together 
in a single combination. The subcombinations are distinct from each other if they are 
shown to be separately usable. In the instant case, invention of Group I has separate 
utility such as protecting executable code from computer viruses. Invention of Group II 
has separate utility such as a computer network administration. Invention of Group in 
has separate utility such as protection of software. Invention of Group IV has separate 
utility such as a contract bidding procedure. Invention of Group V has separate utility 
such as auditing pay television. ... 



InterTrust is providing a courtesy copy of the Rambus opinion as it appears on Westlaw. 
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3. Because these inventions are distinct for the reasons given above and have 
acquired a separate status in the art as shown by their different classification, 
restriction for examination purposes as indicated is proper. 

4. Because these inventions are distinct for the reasons given above and have 
acquired a separate status in the art because of their recognized divergent subject 
matter , restriction for examination purposes as indicated is proper. " 

1 24(BB) (emphasis added). 

The Patent Office could hardly have been clearer: InterTrust's parent application 

I involved five separate classes of invention. Each class of invention had utility separate from all 

of the others. Each class of invention was recognized in the art as relating to a divergent subject 

I matter. 

Based on this ruling, the Patent Office entered a "restriction" requirement, in which 

I InterTrust was directed to pick one class of inventions to be pursued in the application. 

InterTrust did so, and also filed separate "divisional" applications relating to the other categories 

| of inventions. Derwin Decl., ^ 2. 

Of the patents now at issue, '193, '891 and '912 have specifications identical to the 

I original application, and correspond to three of the different invention categories identified by 

the Patent Office. The '900 is a continuation-in-part and also includes all of the text from the 

original application. Derwin Decl., H 2. Thus, of the specification quotations cited by Microsoft 

in support of its VDE "global construction" argument virtually all were present in the original 

InterTrust application, the application determined by the Patent Office to involve five separate 

J categories of invention. - 

The Federal Circuit has emphasized that divisional applications, such as those filed in this 

| case, involve separate and independent inventions: 

A 'divisional' application, ... is one carved out of an earlier application which 
disclosed and claimed more than one independent invention, the result being that 
the divisional application claims only one or more, but not all, of the 
independent inventions of the earlier application. 

I Transco Prods, Inc. v. Performance Contracting, 38 F.3d 551, 555 (Fed. Cir. 1994) (citing The 
Manual of Patent Examination Procedures, 1988 § 201.06) (emphasis added), cert, denied. 513 
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U.S. 1151 (1995). 

The Rambus case cited above also involved a restriction requirement issued by the Patent 
Office, a factor noted by the Federal Circuit in its holding that statements regarding the 
invention" could not be read into all claims. 318 F.3d at 1095. 7 

The Patent Office split the InterTrust patent application into five separate categories of 

nvention. Microsoft now seeks to reverse that action, asking the Court to interpret the resulting 

>atents as if they involved a single invention (VDE) and to read that "invention" into every 

;ingle patent claim. Microsoft's position is directly contrary to the Patent Office's decision, a 

iecision to which this Court is required to give, 

the deference that is due to a qualified government agency presumed to have properly 
done its job, which includes one or more examiners who are assumed to have some 
expertise in interpreting the references and to be familiar from their work with the level 
of skill in the art and whose duty it is to issue only valid patents .... 

AcGwlev v. Franklin Sports, Inc., 262 R3d 1339, 1353 (Fed. Cix. 2001). 

(ii) Microsoft's interpretation of "the invention" is contradicted by 
the claims. 

In Rambus, the Federal Circuit held that specification statements regarding **the 
avention" did not limit the claims. One factor it cited was the fact that the patentee had 
ubmitted some claims that expressly recited the element characterized in the specification as 
the invention," thereby making it clear that the specification statements about 'the invention" 
'ere not intended as a limitation on the claims in general, since otherwise the express inclusion 
f that element in. other claims would have been redundant 3 1 8 F.3d at 1 095 . 

Exactly the same situation is present here. U.S. Patent No. 5,949,876 is an InterTrust 
atent issuing as a direct continuation from the original February 1995 patent application. It 
terefore includes the same specification as the 4 193 patent, including the same statements 



The Rambus discussion of the restriction requirement is not exactly parallel to the present 
icts, since at least one of the restrictions involved in that case apparently involved the exact 
aim limitation that was at issue, whereas none of the restrictions involved in the present case 
>ecifically mentions "Virtual Distribution Environment." It is indisputable, however, that the 
atent Office in this case determined that multiple classes of invention were presented by the 
iterTrust applications, thereby contradicting any implication that specification references to 
he invention" mean that all claims must be interpreted in light of a single invention. 

13 ■ 



INTERTRUSTS OPENING CLAIM CONSTRUCTION BRIEF 
CASE NO. C 0N1 640 SB A (MEJ), CONSOLIDATED WITH C 02-0647 SB A 



1 

2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 
28 



regarding "the invention" and VDE that Microsoft has cited. The *876 patent includes numerous 

I dependent claims adding an express requirement that a process or method include a VDE. 24(J) 

These dependent claims thus make it clear that claims that do not expressly recite a 'Virtual 

Distribution Environment" were not intended to, and cannot be interpreted to include one. 

B. Secure/Security (Ex. A, Row 3, Ex. B, Row 19, Ex. C, Tab 19). 

Both parties acknowledge that the terms "secure" and "security" require some degree of 

I protection against certain threats. InterTrust's proposed definition is consistent with the plain 

meaning of these terms as well as the patent specifications. It requires one or more mechanisms 

to prevent, detect, or discourage misuse of or interference with information or processes, and 

| provides examples of the types of mechanisms that may be involved. 

In contrast, Microsoft burdens these claim terms with numerous additional requirements 

that are inconsistent with both the ordinary meaning and the way these terms are used in the 

specifications. Two of these unwarranted additional requirements are addressed beiow. 

1. Microsoft's requirement that five specified properties be protected. 

Microsoft defines the word "secure" to require, in every instance, protection of five 

specified properties (availability, secrecy, integrity, authenticity and nonrepudiation). The 

specifications contradict this reading. 

The specifications frequently use the words "secure" or "security" to refer to the use of 

I one or more of a collection of protection mechanisms, without requiring the comprehensive 

protection of all of the properties specified by Microsoft. The following passage, for example, 

could hardly be clearer: 

In one embodiment, the portable appliance 2600 could support secure (in this 
instance encrypted and/or authenticated) two-way communications with a retail 
terminal which may contain a VDE electronic appliance 600 or communicate with a 
retailer's or third party provider's VDE electronic appliance 600. 

'193 patent 233:25-30 (19(H) (emphasis added). 

This passage describes "secure" in terms of encryption and/or authentication. These 

amount at best to two of the properties from Microsoft's list (secrecy and authenticity). No 

mention is made of availability, integrity or nonrepudiation. See also Reiter Decl., ^ 28, 
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discussing 19(A) ("security" referring to concealment and authentication), 19(B), ("secure" 

referring to concealment and authentication), 19(C) ("security" referring to concealment and 

tamper resistance), 19(D) ("security" referring to concealment and authentication), 19(E) 

("security" referring to concealment, tamper resistance and access control), 19(F) ("secure" 

referring to concealment), 19(G) ("secure" referring to tamper resistance), 19(H) ("secure" 

referring to concealment and/or authentication), 19(1) ("secure" referring to concealment). 

Microsoft's definition requires that all five specified properties be protected. As used in 

the specification, however, the term "secure" often means protection of fewer than these five 

properties. Microsoft's definition is inconsistent with the specifications and should be rejected. 

2. Microsoft's requirement that "all users" be "guaranteed" protection against "all 
of the identified threats" 

Microsoft's definition requires a guarantee to "all users" of absolute protection against all 

identified threats. This aspect of Microsoft's definition also contradicts the specifications, which 

make it clear that "secure" and "security" do not require absolute protection, but instead require 

only that security be sufficient for an intended purpose: 

The level of security and tamper resistance required for trusted SPU hardware processes 
depends on the commercial requirements of particular markets or market niches, and 
may vary widely, 

193 patent at 49:59-62 (19(J)) (emphasis added). See also 19(B) ("sufficient security 
(sufficiently trusted) for the intended commercial purposes"), 19(M), 19(N). The specifications 
also describe mechanisms used to limit the effects of a security breach, something that would be 
inconceivable insecurity" or "secure" required absolute protection. See, e.g., 19(K), 19(L), 
19(R),19(S),19(T). 

Moreover, it is understood in the art that security can never be absolute. See, e.g.. 
19(BB) ("One hundred percent security cannot be achieved") 19(EE) ("security is a relative, not 
an absolute concept"), 19(X), 19(Y), 19(Z), 19(AA), 19(CC), 19(DD). 

Microsoft's definition requires that absolute security be guaranteed to all participants and 
against all threats. This is inconsistent with use of this term in the specification, and with the 
universal understanding in the field, not to mention common sense. No one of ordinary skill in 
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the art would interpret "secure" in this manner. Microsoft's construction is an attempt to define 
the term in a manner impossible for any real world system to attain. That construction should be 
rejected. 

C. Budget (Ex. A, Row 4, Ex. B, Row 3, Ex. C, Tab 3). 

In the specifications, "budget" is used consistently with its normal English meaning 
[3(A)), and MerTrust's definition of "information specifying a limitation on usage" reflects that 
neaning (3(L)). Microsoft similarly defines this term as referring to a "limitation on use," but 
hen distorts this plain meaning into a budget "method," consisting of instructions and related 
lata. The specifications, however, explicitly distinguish between a "BUDGET method" and the 
vord t£ budget:" 

In the example shown in Figure 41 d, a distributor at a VDE distributor node (106) might 
request budget from a content creator at another node (102). . . . The creator 102 may 
decide to grant budget to the distributor 106 and processes a distribute event (1452 in 
BUDGET method 1510 at VDE node 102). A result of processing the distribute event 
within the BUDGET method might be a secure communication (1454) between VDE 
nodes 102 and 106 by which a budget granting use and redistribute rights to the 
distributor 106 may be transferred from the creator 102 to the distributor. The 
distributor's VDE node 106 may respond to the receipt of the budget information by 
processing the communication using the reply process 1475B of the BUDGET method 
1510. The reply event processing 1475B might, for example, install a budget and PERC 
808 within the distributor's VDE 1 06 node to permit the distributor to access content or 
processes for which access is control at least in part by the budget and/or PERC. 

193 patent, 172:61-173:14 (3(C)) (emphasis added). 

This passage is unmistakable: the word "budget" does not necessarily mean a "BUDGET 
lethod." A "BUDGET method" is a means to grant a "budget," but it is impossible to read this 
assage without understanding that the word "budget," by itself, does not mean "BUDGET 
lethod." See also 3(D) (BUDGET method 408 may store budget information"), 3(E) 
BUDGET method" used to process "budget information"). 

Microsoft's citations from the specification indicating that a "budget" may be a type of 
lethod are not inconsistent with InterTrust's interpretation, since InterTrust agrees that a budget 
lethod is one possible embodiment of a budget. But that is all it is: one example of how a 
Lidget may be specified. Thus, item (1) from Microsoft's Exhibit D support for "budget" refers 
Dt to the word "budget" in general, but to, "'Budgets' 308 shown in FIG. 5B." The larger 
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context for this passage is shown in 3(F), which makes it clear that the passage cited by 
Microsoft relates to one specific example of a budget, i.e., "Budgets 308" from Figure 5B, a . 
figure that provides additional detail on the "preferred embodiment" shown in FIG. 5 A, itself 
described as merely an "example." Reading preferred embodiments from the specification into 
the claims violates basic Federal Circuit claim construction principles. Laitram Corp. v. 
Cambridge Wire Cloth Co., 863 F.2d 855, 865 (Fed. Cir. 1988) ("References to a preferred 



embodiment, such as those often present in a specification, are not claim limitations."), cert, 
denied, 490 U.S. 1068 (1989). 

Microsoft's definition also requires that a budget constitute a "decrementable numerical 
limitation." There is no basis in the specification (or the normal meaning of "budget") for any 
requirement that this constitute a "decrementable" value, as opposed to a value that is 
incremented until a limit is reached. Thus, a budget specifying that a user has the right to make 
three copies of content could be implemented as a decrementable value (starting with "3" and 
counting down each time a copy is made until "0" is reached) or as an incrementable value 
(starting with "0" and counting up until the value of 3 is reached). This is an implementation 
detail, and both types of value are supported in the specification. See, e.g., 3(H) (describing an 
"ascending use counter" and a "descending use counter.") There is no basis for limiting budgets 
to a decrementable value. This constitutes yet another Microsoft attempt to read a particular 
specification embodiment into the claims, an attempt that is particularly misguided in this case, 
since an alternate embodiment (an incrementable counter) is also disclosed. 

D. Control (noun) (Ex. A, Row 4, Ex. B, Row 8, Ex. C, Tab 8). 
Although the specification contains no explicit definition for "control," it does indicate 
that "rules and controls" are equated with "control information." See, e.g., 8(A), 8(B); see also 
8(C) ("control" and "control information" used interchangeably). 

Control, information can consist of either programming (e.g., load modules) or data. See, 
e.g., 8(D) (load modules, data and methods), 8(F) (a key is control information), 8(G) 
(executable programming such as load modules), 8(H) (use of "and/or" making it clear that 
control information can consist of methods, or load modules, or mediating data or component 
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assemblies), 8(1) (software and parameter data). 

In the '193 and related file histories, prior art data items were repeatedly interpreted as 
constituting "controls." See, e^g., 8(W) ("control" read onto personal identification information), 
8(X) ("control" read onto a list of checkwords), 8(Y) ("control" read onto password), 8(Z) 
("control" read onto security code attribute indicating security levels). 

Thus, "controls" can consist of various types of information, including programming 
(load modules, methods, component assemblies) and data. This is consistent with the InterTrust 
construction of the term. 

The InterTrust construction also specifies that controls can govern operations on, or use 
of, resources (e.g., content), including permitted, required or prevented operations, the nature and 
extent of operations, and the consequences of operations. Again, this is consistent with use of 
the term control information in the specification. See, e.g., 8(J), 8(A), 8(H), 8(K), 8(L), 8(M), 
8(B), 8(N), 8(0). 

Microsoft's definition requires that controls be "executable." Although the parties 
disagree regarding the definition of "executable," neither party's proposed definition would 
include data. As is established above, however, the patents indicate that "controls" may include 
data. Microsoft's incorporation of "executable" into the definition of controls is therefore 
improper. 

The Microsoft definition further requires that controls execute in a Secure Processing 
Environment ("SPE"). However, the patents make it clear that an SPBis a particular 
embodiment, and clearly disclose an alternate embodiment known as a Host Processing 
Environment ("HPE"), an embodiment excluded by the Microsoft definition. See Protected 

recessing Environment (§ P, below). The patents explicitly state that any operation that carried 
out by an SPE can also be carried out by an HPE. 1 6(D). 

Microsoft's definition also requires the ability to modify controls. MS deft., f (7). This 
is a preferred embodiment, and in any event is a capability provided by the ROS (an operating 
system described in the specification) rather than by the controls themselves. 8(Q). 

Microsoft also seeks to apply the general definition of "control (n.)" to "user controls" as 
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recited in 683.2. InterTrust objects to this, since "user controls" was a term on the parties' initial 
list of claim terms to be construed, but was not selected for the initial hearing, and InterTrust 
therefore requests that the Court reserve construction of this term. 

Moreover, "user controls" in claim 683.2 is entirely unrelated to the "controls" discussed 
above. That sense of "control" is synonymous with "rules," and is a form of information that 
tells the system what the user may and may not do with the relevant content. By contrast, as 
used in 683.2, "user controls" refer to the hardware used to control a computer (such as a 
keyboard or mouse), rather than information or programming. In the claim, user controls are 
listed with other hardware elements (also including communications port, processor and 
memory). Significantly the digital information recited in the claim is explicitly identified as 
being stored in the memory (first secure container, governed item, first secure container rule, 
etc.), whereas "user controls" is listed as an element separate and apart from the memory. 
Moreover, in the file history the Examiner used a keyboard as an example of "user controls." 
8(AA). Thus, the file history and the claim make it clear that "user controls" means something 
entirely different from either party's proposed construction of "control" as used in the other 
claims. 

E. Copy/Copied/Copying (Ex. A, Row 5, Ex. B, Row 10, Ex. C, Tab 10). 
InterTrust's proposed definition is the plain English meaning, based on "reproduce." 
This is consistent with the generally understood definition of this term. 10(K), 10(L), 10(M). 

Microsoft's first sentence is consistent with InterTrust's construction, except for 
Microsoft's requirements that "all" of a file be reproduced and that this constitute a "complete 
physical block of data." The specification contradicts these requirements, since it explicitly uses 
the word "copy" to refer to a partial reproduction. 10(A), 10(B). 

The definitions also differ in that InterTrust's definition requires that the copy be usable, 
whereas Microsoft's allows a copy to be ephemeral, unusable or inaccessible. MS deft., ^ (3). 

As used in the relevant claims (193.1, 193.11, 193.15, 193.19), the whole point of making 
a "copy" is to use it. Microsoft's definition, however, would define the word "copy" to include 
reproductions that are ephemeral, unusable and inaccessible, thus interpreting this term to 

19 ; 



INTERTRUST'S OPENING CLAIM CONSTRUCTION BRIEF 
CASE NO. C 01-1640 SBA (MET), CONSOLIDATED WITH C 02-0647 SBA 



11 

12 

13 

34 

15 

16 

17 

18 

19 

20 

21 

22 

23 

24 

25 

26 

27 

28 



include internal "phantom" reproductions made by the computer in the process of using a file. 

As Dr. Reiter's Declaration explains, such temporary internal reproductions are 
automatically created by the computer for purposes of the computer's internal processing, and 
the user is never even aware of their existence. Reiter DecL, 34-40. For example, such ' 
reproductions are made every time a file is opened (e.g., a memo is brought up on a computer's 
screen), even though, from the perspective of the user, such actions have nothing whatever to do 
with making a copy of the file. 

Defining such automatically-generated, unusable reproductions as "copies" leads to an 
absurd interpretation of the claims. For example, in 193.1, the user receives a budget specifying 
the number of "copies" that can be made of a file. If "copy" means internal, phantom 
reproductions, a portion of that budget would be used up every time the user made any use of the 
file, even if the user did not deliberately make a "copy," and even if the action did not result in 
anything the user would recognize as a "copy." Thus, a budget to make three copies of the file 
ivould be used up if the user opened the file three times, even if the user never created any 
3ermanent, usable copies at all. A user whose paid-for budget to make copies of a file was used 
ip by merely opening the file is a user who would probably be looking for a good consumer- 
raud attorney. 

Even worse, if Microsoft's interpretation of "copy" is accepted, once the 193.1 budget to 
nake copies was exhausted, the user would not only lose the ability to make actual copies, but 
vould also lose any ability to even open the file, since the act of opening the file causes the 
reation of internal phantom reproductions. Thus, a user with a budget to make three copies of 
he file would be able to open the file three times, after which he or she would have no ability to 
lake any other use of the file whatever. 

Such an interpretation is absurd. 193.1 clearly contemplates the user receiving a budget 
:> make deliberately-intended copies that the user (or someone else) can make use of. 
iterpreting "copy" so that the copy budget would be used up by internal phantom reproductions 
squires completely ignoring the context of the claim. See Reiter DecL, ffl 34-40 and § F, 
nrnediately below. 
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K Budget Specifying the Number of Copies Which Can Be Made of Said Digital 
File (Ex. A, Row 6, Ex. B, Row 25, Ex. C, Tab 25). 

This claim phrase is straightforward. It incorporates two separately defined terms 

(Budget and Copies), but there is no reason to interpret it using anything other than its plain 

English meaning. 

Microsoft's definition, on the other hand, incorporates requirements that are unsupported 
by the phrase and contradict the specifications. 

(1) Microsoft requires that the budget state "the total number of copies (whether or not 
decrypted, long-lived, or accessible)." No such requirement is imposed by the claim term and, as 
is described above (see § E), this requirement makes no sense, since the budget would be 
exhausted by internal, "phantom" reproductions of no benefit to the user. See Reiter Decl., 

1H 34-40. 

(2) The Microsoft construction also requires that "No process, user, or device is able to 
make another copy of the Digital File once this number of copies has been made." The 
specification, however, explicitly describes processes that can be used to "refresh" budgets, so 
that a budget that has been exhausted (e.g., reached zero) can be increased. See, e.g., 25(0) 
(describing the acquisition of "additional budgets if the user wishes to continue to use the 
traveling object after the exhaustion of the available budget(s)"), 25(P) ("Once the distributor 
106 has used some or all of her budget, she may desire to obtain additional budget") 25(Q) 
("clearinghouse may handle the end user's request for additional budget"). Microsoft's proposed 
addition of this limitation is thus directly contradicted by the specification. 

G. Control (verb) (Ex. A, Row 7, Ex. B, Row 9, Ex. C, Tab 9). 
"Control," used as a verb (e.g., "controlling") is not specially defined in the 
specifications. The InterTrust construction is based on the common English definition for the 
term (9(0)), a construction supported by the use of this term in the specification. Passages cited 
in Ex. C at 9(A), 9(B), 9(C), 9(D), 9(E) and 9(F), for example, use the verb form of "control" to 
refer to conventional hardware or software operations, that cause or prevent certain acts or 
events. Reiter Decl., % 42. 
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Microsoft proposes a lengthy and highly complicated definition for this term, without any 
1 support whatsoever. The evidence cited by Microsoft contains no indication that the verb form 
of control is defined in any particular manner in the specification, and certainly does not support 
the lengthy and complex definition proposed by Microsoft. In fact, the majority of Microsoft's 
Exhibit D evidence for this term (Ex. D, Row 9) relates to the noun form of "control," and does 
I not even mention the verb form. 

Not only is the Microsoft definition unsupported by the specification, restrictions 
I contained in that definition are actually contradicted by the specification. For example, 
Microsoft requires that a controlled action cannot otherwise be taken by any user, process or 
device. This restriction ignores the specification's discussion of alternate control structures, 
whereby an action not allowed by one control structure may be allowed by another. See 9(G), 
1 9(H), 9(1), 9(J). 

The Microsoft definition also requires the use of a VDE Secure Processing Environment. 
I This ignores the specification's discussion of Host Processing Environments, identified as an 
alternative to the Secure Processing Environment embodiment. See Protected Processing 
Environment (§ P, below); see also 16(D) (HPE can carry out any operation carried out by an 
|SPE). 

H. Controlling the Copies Made of Said Digital File (Ex. A 5 Row 7, Ex. B, Row 
26, Ex. C, Tab 26). 

The relevant claim (193.1) itself further explains this element as follows: "if said copy 
I control allows at least a portion of said digital file to be copied and stored on a second device." 
This further description, along with the separately defined incorporated terms, fully defines this 
element by making it clear that the copy control is used to determine whether a digital file may 
be copied to a second device. InterTrust's proposed construction is based on this 
I straightforward, plain English interpretation. 

Microsoft requires that the copy control operate within a VDE Secure Processing 
I Environment. No such requirement is imposed by the claim, and the specification describes 
embodiments based on a Host Processing Environment, rather than a Secure Processing 
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Environment. See Protected Processing Environment, § P, below; see also 16(D). 

The Microsoft definition requires that the copy control control "all copies of the Digital 
File." The claim contains no such requirement, but instead requires control over copies that are 
made, as opposed to all copies that exist. Microsoft's interpretation apparently would require 
that the copy control, operational at the first device, somehow control copies of the file at the 
source from which the first device received the file, including copies at other locations to which 
that source sent the file. In context, it is clear that the copy control need only govern copies 
made by the first device, not all copies that exist. 

Microsoft further requires that all uses and accesses be prohibited except to the extent 
allowed by the copy controls). This assertion has no support in the claim, and ignores the 
possibility that the item may also be governed by an alternate control structure. 26(A), 26(B), 
26(C), 26(D). 

I. Authentication {Ex. A, Row 27, Ex. B, Row 2, Ex. C, Tab 2). 
This word is not specially defined in the specifications or the file histories. Both parties' 
proposed definitions focus on identifying something or someone. 

The specification uses the term "authentication" to refer to various types of identification, 
including passwords (2(A), 2(B)), voice prints or retinal scans (2(B)) or certificates attesting that 
a device or key can be trusted. 2(C). InterTrust's proposed construction is consistent with these 
specification embodiments. 

Microsoft's definition requires establishing that assertions about data integrity (i.e., that 
the data have not been altered) and origin integrity (i.e., confirming the source and time of 
origination) are genuine. In 193.15, however (the only relevant claim including this term), the 
word is used to describe a step involving an identifier associated with a device and/or user. 
Requiring "data integrity" and "origin integrity" makes no sense in the context of a user, and 
scarcely more sense in the context of a device. Moreover, none of the specification uses of this 
term impb'es such requirements. 

The Microsoft definition is ambiguous regarding whether authentication requires 
uniquely identifying the person or thing authenticated. InterTrust's proposed definition, on the 
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other hand, allows authentication to identify something or someone. either as an individual or as a 

member of a group. This is supported by the specification, which describes an "Authenticate 

User" process that lets the caller authenticate a specific user ID or a group membership. 2(D). 

J. Identifier (Ex. A, Row 28, Ex. B, Row 17, Ex. C, Tab 17). 

The InterTrust definition is straightforward and consistent with the normal meaning of 

this term and with its use in the specification. See, e.g. , 17(A), 17(B). 

The primary distinction between the parties' definitions concerns whether the identifier 

must be unique to an "individual instance" of a person or thing, or whether the identifier can 

specify that a person or thing is a member of a group. 

In 912.8, this term is used in the following context: 

said load module including executable programming and a header; 

said header including an execution space identifier identifying at 
least one aspect of an execution space required for use and/or 
execution of the load module associated with said header; 

said execution space identifier provides the capability for 
distinguishing between execution spaces providing a higher 
level of security and execution spaces providing a lower 
level of security; 

A specification embodiment corresponding to this element is described in 30(A), in 
which a load module header is described as containing an "execution space code" that 
distinguishes SPEs from HPEs, with the explanation that some load modules are required to run 
in one type of environment as opposed to the other. This embodiment describes identifying an 
execution space as a member of a group (SPE or HPE) and therefore contradicts Microsoft's 
nterpretation of "identifier" as requiring unique identification. Reiter Decl, ffif 92-94. 

Similarly, the specification uses the related terms "identification" and "ID" to refer to 
identification of an individual or a group. 17(D), 17(E). Thus, interpreting "identifier" as 
requiring a unique identification (as opposed to identification as a member of a group) would 
contradict the specification. 

Microsoft also requires that an identifier constitute a "text string." No such requirement 
exists in the specification or any relevant claim. An identifier could constitute a string of 
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1 numbers or bits (e.g., the retail terminal identifier described in 17(B), which might reasonably be 

2 expected to consist of numbers). 

3 K. Clearinghouse (Ex. A, Row 40, Ex. B, Row 4, Ex. C, Tab 4). 

4 The specification describes various embodiments of "clearinghouses," including entities 

5 that provide both financial and administrative services and may collect and distribute 

6 information. See 4(A), 4(B), 4(C), 4(D), 4(E), 4(F), 4(G), describing financial clearinghouses, 

7 document tracking clearinghouses, rights distribution clearinghouses, etc. InterTrust's proposed 
construction is straightforward, and describes these various embodiments. 

Microsoft's construction, on the other hand, requires interpreting "clearinghouses'* as 
limited to providing "store and forward" services. The specification, however, does not support 
limiting "clearinghouse" to this particular embodiment. Thus, Microsoft's Exhibit D quotations 
for this term describe other types of clearinghouses (e.g., financial clearinghouses) and none 
implies that a clearinghouse must provide "store and forward" services. 

Nor do Microsoft's excerpts support any requirement that a clearinghouse operate under 
the constraints of "VDE security." The specification describes both Visa and AT&T as 
"clearinghouses." 4(B), 4(K). These are well-known organizations, and there is no suggestion in 
the specification that these organizations use "VDE security," nor would one of ordinary skill in 
the art so interpret these references. Reiter DecL, f 48. 

L. Use (Ex. A, Row 42, Ex. B, Row 23, Ex. C, Tab 23). 
"Use" is a common English word, not specially defined in the specification and not a 
term of art. Reiter DecL, ^ 49. InterTrust proposes giving the term its normal English meaning. 
See, e.g., 23(A). 

Microsoft's proposed definition, by contrast, requires that "use" is allowed only through 
execution of controls. This is incorrect, since (a) controls include non-executable data (see 
Control, § D, above) and (b) the word "use" is a plain English word, with no technical meaning, 
and does not require or imply the use of any controls. 

Notably, in the claims/when the "use" of an item is required to be governed by controls, 
this is explicitly set forth as a claim limitation: 
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683.2: securely applying, at said first appliance through use of said at least one 
resource said first entit/s control and said second entity's control to govern use of 
said data item 



Such claim limitations would be superfluous if the word "use" itself required the 
| application of controls. 

M. Secure Container (Ex. A, Row 57, Ex. B 5 Row 20, Ex. C, Tab 20). 
The term "container" is not explicitly defined in the specification. The specification 
| does, however, give numerous examples of containers that are consistent with InterTrust's 
proposed definition. 20(A). In addition, InterTrust's definition closely tracks the accepted 
definition of the term "container" in the computer field as of the relevant filing date. 20(J), 
j 20(K). Note that such "containers" represent digital file formats, rather than physical containers. 

The specification also contains no explicit definition of "secure container." InterTrust's 
I definition of a Secure Container as a container that is "Secure" is simple, plain English, and is 
J supported by the specification. 20(B), 20(G). 

Microsoft's definition consists of approximately 290 words, including nine separately 

1 5 II defined terms, many of which incorporate their own separately defined terms. Derwin Decl., ^ 4 

16 Such a definition is so long and complex as to render it impossible for the jury to understand or 

17 apply it. 

1 8 || Microsoft's definition also suffers from a number of specific defects, including the 

19 || following: 

20 || (1) Microsoft requires that a secure container "cryptographically protects" information. 

21 |j MS deft., (1). Although the meaning of this statement is not entirely clear, it appears to require 



22 
23 
24 
25 
26 
27 
28 



308953.01 



encrypting the secure container. The specification makes it clear that secure containers need not 
be encrypted (they can be "otherwise secured") and that protection need only be partial. 20(B). 

. (2) Microsoft requires that a secure container "encapsulates" its contents. MS deft., ^ 1. 
This term is separately defined (in Microsoft's definition of Protected Processing Environment) 
as follows: "'Encapsulated' means hidden within an object so that it is not directly accessible 
but rather is accessible only through the object's restrictive interface." 

The specification is clear, however, that the contents of a secure container are not 
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1 necessarily "hidden within" the secure container but can be located externally, as long as the 

2 II container contains a reference to the contents. 20(D), 20(E). Thus, a requirement that a secure 
container "encapsulate" its contents is inconsistent with embodiments disclosed in the 
specification. 

(3) The last sentence of the Microsoft definition reads as follows: 
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All VDE-protected information (including protected content, information about 
content usage, content-control information, Controls, and Load Modules) is 
encapsulated within a Secure Container whenever stored outside a Secure 
Processing Environment or secure database. 

This statement is inaccurate (20(F)), but, in any event, it cannot constitute part of the 
definition of a "secure container," since it is not an attribute of a secure container and cannot be 
used by a trier of fact to determine whether a particular data structure does or does not constitute 
a "secure container." Instead, this passage describes the manner in which certain types of data 
are allegedly handled, rather than the properties of the secure containers themselves. 

(4) Microsoft's definition requires that secure containers can only be opened in Secure 
Processing Environments. MS deft., \ (2). This ignores the specifications' disclosure of the 
alternate Host Processing Environment embodiment. See Protected Processing Environment, § 
P, below; see also 16(D). 

(5) Microsoft requires that a secure container can only be opened through decryption of 
an encrypted header. MS deft., \ (2). The encrypted header, however, is described as a preferred 
embodiment, and therefore does not constitute a claim limitation, 20(G). 

(6) Microsoft specifies that a container is not a secure container merely because it is 
encrypted and signed. MS deft., If (5). The specification provides no support for such a 
statement, nor for any requirement that secure containers in fact be encrypted and signed. See, 
e.g. . 20(B) ("encrypted or otherwise secured.") 

N. Contain/Containing (Ex. A, Row 58, Ex. B, Row 7, Ex. C, Tab 7). 
InterTrust's definition is based on the plain English meaning of this term. 7(C). This 
meaning is consistent with use of the term in the specification. See , e.g., 7(A). 

The parties' definitions differ primarily in that InterTrust allows "contain" to include 
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1 I storing a reference or pointer indicating where an element may be found, whereas Microsoft 

2 | excludes this. InterTrust's position is explicitly supported by the specification: 
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. . . container 302 may "contain" items without those items actually being stored 
within the container. For example, the container 302 may reference items that are 
available elsewhere such as in other containers at remote sites 



7(B). 
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This passage, and established use in the field directly contradict Microsoft's definition of 
"contain" as excluding "addressing." 7(B); Reiter Decl, fl| 51-59. 

O. Aspect (Ex. A, Row 60, Ex. B,Rowl,Ex. C, Tab 1). 

"Aspect" is not a technical term of art, and is not defined in either the specifications or 
the file histories. The term is used in its plain English sense throughout the relevant 
specifications. See, 1(A), 1(B), 1(C), 1(D), 1(E), 1(F), 1(G). InterTrust's proposed 
definition is consistent with these uses, and with the word's normal meaning. 

Microsoft's proposed construction is limited to aspects of an "environment." This is 
inconsistent with the use of the term in 912.8 (aspect of an execution space), 861.58 (aspect of 
access to or use of secure container contents) and 683.2 (aspect of access to or use of a governed 
item). A construction inconsistent with the manner in which the term is used in the claims is 
obviously improper. 

The Microsoft definition also requires a "persistent" element or property. The word 

aspect" does not require or imply persistence^ In one relevant specification, the word is used to 

refer to a feature that can be destroyed. 1 (B). An "aspect" that can be destroyed is obviously an 

"aspect" that is not necessarily persistent. 

P. Protected Processing Environment (Ex. A, Row 62, Ex. B, Row 18, Ex. C, 
Tab 18). 

The InterTrust definition is closely tied to the description given for Protected Processing 
Environments ("PPEs") in the specifications (1 8(B), 1 8(C), 1 8(D)), as well as the manner in 
which PPEs are described in claims 721.34 and 683.2, each of which explicitly describes what is 
meant by the term. 

The specifications describe two embodiments of PPE: a Secure Processing Environment 

28 



INTERTRUST'S OPENING CLAIM CONSTRUCTION BRIEF 
CASE NO. C 01-1640 SB A (MEJ), CONSOLIDATED WITH C 02-0647 SBA 



1 

2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
37 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 
28 



308963.01 



C*SPE"), using a special-purpose microprocessor with hardware-based security (a "Secure 
Processing Unit") and a Host Processing Environment ("HPE"), using software -based security 
instead of a Secure Processing Unit. 1 8(B), 1 8(D), 1 8(E). InterTrust's proposed construction 
covers both embodiments, as is proper, since the specification explicitly states that any action 
that can be taken by an SPE can also be taken by an HPE, albeit possibly with a lower level of 
security. 16(D). A number of Microsoft's definitions, however, would improperly exclude the 
HPE embodiment (see, e^, §§ F, G, H, M, X, Y, DD, above and below). 

Microsoft's definition of PPE is considerably longer than the Gettysburg Address. It 
contains approximately 345 words in six numbered sections, as well as eleven separately defined 
incorporated terms, adding hundreds of additional words. No jury could possibly apply such a 
definition in any meaningful way. 

Given the massive number of limitations Microsoft imposes on this term, a 
comprehensive rebuttal would require many pages. Several points, however, are worth noting: 

(1) Microsoft states that "most" PPEs are Secure Processing Environments incorporating 
a Secure Processing Unit. MS deft., (2). Microsoft does not explain what the other PPEs are, 
though the Microsoft definition implies that they fall within the following description: "[a] 
facility employing physical facility and user-identity Authentication security procedures trusted 
by all VDE nodes, and the VDE node does not Access or Use VDE-protected information, or 
assign VDE control information " MS deft., f (5). 

As is described above, PPEs incorporating software-based security are known as Host 
Processing Environments ("HPEs"), and the specification states that HPEs can perform any 
function performed by an SPE. 16(D). Microsoft's apparent argument that HPEs are used only 
in clearinghouses and other physically secure facilities is contradicted by the specifications, 
which describe the use of HPEs for end users (18(H)) and in other contexts not involving 
clearinghouses. 18(1), 18(K). 

(2) Microsoft requires that a PPE protects "all information identified in the patent 
application as being protected." To the extent that this requirement is not entirely circular (i.e., 
PPEs protect the information that is protected by PPEs), it appears to imply that all information 
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described in the patents as being protected by any mechanism must also be protected by PPEs. 
The specifications contain no support for any such requirement. 

(3) The Microsoft definition states that certain PPEs may "be formed by a general- 
purpose CPU that executes all VDE 'security' processes in protected (privileged) mode." MS 
deft., K (5). No support exists for the protected (privileged) mode restriction. See Host 
Processing Environment (§ Z, below). 

Q. Digital Signature/Digitally Signing (Ex. A, Row 66, Ex. B, Row 14, Ex. C, 
Tab 14). 

Although "digital signature" is not defined in the specification, this is a term of art widely 
used in the computer security field to refer to information that can be used to determine the 
source and/or integrity of a digital file. Reiter Decl., f 62; 14(G). The term "digital signature" is 
used in the specification in a manner consistent with the InterTrust construction. 14(A), 14(B). 

Microsoft's definition requires that a digital signature be "computationally unforgeable." 
Neither the specification nor any evidence cited by Microsoft requires any such absolute degree 
of protection. 8 

FL Designating (Ex. A, Row 66, Ex. B, Row 12, Ex. C, Tab 12). 
• This term is not specially defined in the specifications or file histories. InterTrust's 
proposed construction is based on the normal English meaning (12(F)), and in the specification 
the term is used in accordance with its normal English meaning. 12(A), 12(B), 12(C), 12(D), 
12(E). 

Microsoft requires that designating involve "restricting" something to a particular use. 
Neither the English meaning of this term nor the specification supports this limitation. To the 
extent that restricting to a particular use is required, this is an aspect of the overall claim in which 
this term is used (721.1), and is not inherent in the word "designate." Microsoft has identified no 
evidence in support of its construction. None exists. 



Microsoft's definition of "digital signature" includes a separate definition for the term "key." 
The parties dispute the correct definition of "key." This dispute is not relevant to "digital 
signature," and therefore is not discussed herein. The meaning of "key" is, however, important 
in other contexts, and InterTrust respectfully requests that the Court refrain from explicitly 
defining "key" at this time, as it is not one of the 30 terms selected for construction. 
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S. Device Class (Ex. A, Row 66, Ex. B, Row 13, Ex. C, Tab 13). 
This term was explicitly defined in the file history, using the same definition InterTrust 
now proposes. 13(A). Such a file history definition is binding. Vitronics Corp. v. Conceptronic. 



Inc., 90 F.3d 1576, 1582 (Fed. Cir. 1996) ("Although words in a claim are generally given their 
ordinary and customary meaning, a patentee may choose to be his own lexicographer and use 
terms in a manner other than their ordinary meaning, as long as the special definition of the term 
is clearly stated in the patent specification or file history.'') 

Microsoft cites no support from the specification for its proposed construction of this 
term. That construction is apparently based entirely on the manner in which this term is used 
internally at IBM, with no support for applying that construction to the InterTrust patent claims. 
T. Tamper Resistance (Ex. A, Row 67, Ex. B, Row 21, Ex. C, Tab 21). 
"Tamper resistance" is not explicitly defined in the specifications. The definition of this 
term, however, should follow from the stipulated definition of "Tampering" (JCCS Ex. I), as 
InterTrust's definition does. InterTrust's construction is also consistent with the use of this term 
in the specifications and in relevant extrinsic evidence. 21(A), 21(B), 21(C), 21(D), 21(E). 

Microsoft states that "tamper resistance" requires a "tamper resistant barrier." Although 
72 1 .34 recites a "tamper resistant barrier," other claims reciting tamper resistance do not. For 
example, 900.155 specifies "tamper-resistant software" with no requirement of a barrier. 

Microsoft requires that access, observation and interference be prevented . The term is 
not, however, tamper prevention, but tamper resistance, thereby clearly implying that some 
degree of resistance less than prevention would be sufficient. 

Microsoft also requires that all access, observation and interference be prevented. 
Tamper resistance should be defined as resistance to Tampering, a separately defined term. By 
failing to incorporate this separately defined term, Microsoft requires that Tamper Resistance 
protect against actions that do not constitute Tampering (e.g., the definition of Tampering does 
not include any reference to "access.") 9 



Microsoft repeats the definition of "tampering" in its construction of Tamper Resistance, but 
inexplicably fails to use that definition in defining Tamper Resistance. 
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U. Digitally signing a second load module with a second digital signature 
different from the first digital signature, the second digital signature 
designating the second load module for use by a second device class having at 
least one of tamper resistance and security level different from the at least 
one of tamper resistance and security level of the first device class (Ex. A, 
Row 67, Ex. B, Row 27, Ex. C, Tab 27). 

Inter Trust's proposed construction is a straightforward explanation of the phrase, 

consistent with the embodiment disclosed in the specification. 27(A), 27(B), 27(C), 27(D), 

27(E), 27(F), 27(G). Microsoft's definition, on the other hand, builds in a variety of restrictions 

that are unsupported by the specification: 

(1) Microsoft's definition requires that the digital signature be used "as the signature 
Key." As described at Reiter DecL, 63-64, a key may be used in a process that creates a 
digital signature, but the key and the signature are different things, one used in the process, the 
other the result of the process. Dr. Reiter has never heard of a digital signature used as a key to 
create a signature, and one of skill in the art would not interpret this phrase to imply any such 
requirement. Reiter Dec!., fl| 65-66. Neither the claim nor the specification, nor any evidence 
proffered by Microsoft supports such a bizarre reading of the phrase. 

(2) Microsoft's definition also requires that "No VDE device can perform any execution 
of any Load Module without such authorization." The claim includes no such requirement, and 
this is irrelevant to interpretation of this element, since the claim simply requires that two 
particular load modules be digitally signed, and does not discuss signing of load modules in 
general. 

(3) Neither this claim phrase nor the entire claim nor the specification as a whole require 
or support reading the concept of "VDE device" into this claim, as Microsoft's definition would 
require. 

(4) Microsoft requires that the tamper resistance and security levels be persistent. 
Neither the claim nor the specification supports any such requirement. 

V. Tamper Resistant Barrier (Ex. A, Row 71, Ex. B, Row 22, Ex. C, Tab 22). 
The term "Tamper Resistant Barrier" should be defined in terms of Tamper Resistance. 
InterTrust's definition does so, and is consistent with use of the term in the specification (e.g., 
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22(C)). InterTrust's definition makes it clear that such a barrier may consist of hardware or 

software, as is required by use of the term in the specification. 22(B). 

The Microsoft definition requires that a Tamper Resistant Barrier be an "active device." 

This is not supported in the specification, and "device" implies hardware, though the 

specification states that a tamper-resistant barrier can consist of software. 22(B). 

Much of Microsoft's definition appears to be taken more or less verbatim from a 

description of hardware-based tamper resistant security barrier 502, as described in the 

specification. 22(A). This ignores software tamper resistant barriers, which are also described in 

the specification, but without the requirements imposed by hardware barriers (e.g., software 

tamper resistant barriers are less secure than hardware barriers). 22(B). Microsoft's definition 

therefore improperly limits the claims to one particular disclosed embodiment and entirely 

ignores a different disclosed embodiment. 

W. Executable Programming/Executable (Ex. A, Row 73, Ex. B, Row 15, Ex. C, 
Tab 15). 

Microsoft requires that ail "executable" consist exclusively of machine code instructions. 
InterTrust's definition would include machine code versions of programs, but also includes 
programs written in higher-level languages that require "interpretation," which means the 
translation of a program into lower-level machine code instructions. Reiter Decl., ^ 68-70. 

The specification is clear that "executable" can refer to either lower-level machine code 
instructions or higher level instructions that have to be interpreted. See 15(A) (preferred 
embodiment is "native" instruction set (i.e., machine code), but an "interpreted" solution (i.e., 
higher level language) may also be used). Reiter Decl. fh 72-75. See also 15(B), which uses 
"executable" to refer to programs written in languages such as Java, a higher-level language 
requiring interpretation before being run. Java programs do not constitute machine code. Reiter 
Decl., H 71. 

InterTrust's definition is also consistent with the definition from the Microsoft Computer 
Dictionary. 15(C); Reiter Decl., Iflj 76-78. 

Microsoft requires a "complete series of definitions and instructions," thereby implying 
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an entire computer program. Although computer programs are made up of programming, the 
term "programming" by itself can mean an entire computer program or merely a portion. Reiter 
DecL,K79. 

X. Securely applying, at said first appliance through use of said at least one 

resource said first entity's control and said second entity's control to govern 
use of said data item (Ex. A, Row 85, Ex. B, Row 28, Ex. C, Tab 28). 

The term "securely applying" is not specially defined in the specification and is not a 

term of art. In the specification, the terms "securely applying" and "applying" refer to the 

application of control information to govern content. 28(A), 28(B), 28(C), 28(D), 28(E). This is 

consistent with InterTrust's proposed construction. 

(1) The Microsoft definition requires use of a Secure Processing Unit. This ignores the 

alternate-embodiment HPE, which does not involve use of a Secure Processing Unit. See 

Protected Processing Environment, § P. Moreover, the claim itself recites a "secure operating 

environment," and the specification states that a secure operating environment can be either an 

SPE or an HPE. 28(H). Thus, requiring that this elementtake place using a Secure Processing 

Unit contradicts the proper interpretation of the claim, which the secure operating environment 

recited in the claim can consist of either an SPE or an HPE. . 

In addition, the specification uses "securely" to refer to operations taking place in either 

an SPE or an HPE. 28(F). Thus, this word does not imply any requirement of a Secure 

Processing Unit. 

(2) Microsoft's definition of "securely applying" requires executing controls. Controls, 
however, include non-executable data (see Control, § D, above), and the specification uses the 
term "apply" to relate to applying data (non-executable). 28(G). 

(3) Microsoft's definition requires that the resource constitute a component part of the 
appliance's secure operating environment. The claim imposes no such requirement, and there is 
no support for this requirement in the specification or anywhere else. 

(4) The Microsoft definition requires that this action "governs all use of the data item by 
all users, processes, and devices." This limitation is not required by the claim and does not take 
into account embodiments describing alternative control structures, in which a use not allowed 
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| Control, § D, above. 

Y. Virtual Distribution Environment (Ex. A, Row 86, Ex. B, Row 24, Ex. C, 
Tab 24). 

Microsoft's Global Construction argument is discussed above. This section will discuss 
Virtual Distribution Environment as the term is used in.900.155, the only claim at issue that 
actually includes this phrase. 

"Virtual Distribution Environment" is used only in the preamble of the claim. The 
individual elements of 900.155 fully define the recited apparatus, and reference to the preamble 
is not necessary to define and understand the claimed apparatus. Reiter Decl. ^ 80. Under such 
circumstances, the preamble does not "give life, meaning and vitality" to the claim and is 
irrelevant to claim interpretation. Altiris. Inc. v. Symantec Corp.. 318 F.3d 1363, 1371 (Fed. Cir. 
2O031. 10 Alfred J. Schumer v. Laboratory Computer Systems. Inc.. 308 F.3d 1304, 1310 (Fed. 
Cir. 2002). 

Assuming, arguendo, that this phrase needs construction, InterTrust's definition is taken 
directly from embodiments of virtual distribution environments described in the specification. 
24(A), 24(B), 24(C). Microsoft's definition, on the other hand, is so long and complex as to defy 
thorough analysis, at least in the context of the page limits applied to this brief. Nevertheless, 
certain broad points can be made. 

(1) Asking a jury to attempt to comprehend 900.155 by applying a 2.000 word definition 
would be asking the impossible. A definition of this length and complexity cannot clarify 
interpretation of the claim, but can only lead to confusion. 

(2) Microsoft's definition requires an SPE. The specification clearly describes use of an 
alternate embodiment HPE. See Protected Processing Environment, § P, above. 

(3) Microsoft's definition incorporates features that would necessarily be "universe- 
wide," and could not apply to any particular computer or group of computers, nor to any process 
performed on any particular computer or group of computers. Microsoft makes no attempt to 



1 10 InterTrust is providing a courtesy copy of the Altiris opinion as it appears on Westlaw. 
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explain how this "universe-wide" feature of VDE could be applied to a claim relating to a single 
device or process. For example, would determining whether a single device infringes a claim 
(e.g., whether a particular computer infringes 900.155) require analysis of the entire "universe" 
of devices? Such an analysis is obviously impossible and would render this and other claims a 
nullity. 

(4) Microsoft's definition requires that a VDE "guarantees" various types of security, 
and that a VDE is "non-circumventable." Guaranteed security is impossible in the real world, 
and is not required by the specification. See 24(K) through 24(N), 24(P) through 24(AA). 

Z. Host Processing Environment (Ex. A, Row 87, Ex. B, Row 16, Ex. C, Tab 16) 
The two parties are in agreement that a Host Processing Environment ("HPE") is distinct 
from a Secure Processing Environment ("SPE"), and that an HPE may include software running 
on a general-purpose microprocessor. 

Microsoft is correct that HPEs maybe either "secure" or "non-secure." InterTrust's 
proposed definition is more accurately a definition of secure HPE, but not of a non-secure HPE. 
f need be, InterTrust's definition can be qualified to make it clear that an HPE may be either 
secure or non-secure, with the present definition applying to the secure version, and the non- 
secure version described as "a processing environment with insufficient security to constitute a 
secure HPE." Such a definition is consistent with use of this term in the specification. 16(A), 
16(B), 16(C), 16(D), 16(E). 

Microsoft's definition, however, incorporates numerous additional restrictions that are 
either unsupported by or contradicted by the specification. 

(1) Microsoft implies that a HPE consists only of executable programming. This 
contradicts 900.155, which identifies various hardware elements as part of the HPE (e.g., a 
central processing unit, memory, etc.). This also contradicts Microsoft's construction of the 
claim phrase in which host processing environment appears ("Derives information from one or 
more aspects of said host processing environment"), since in that construction Microsoft requires 
that the host processing environment include hardware. 

(2) Microsoft requires that a HPE be within a "VDE node." The Microsoft definition of 
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VDE incorporates several pages of detailed requirements, none of which is required by the 

manner in which HPEs are described in the claim or the specification. Issues regarding whether 

VDE should be read into every claim should be resolved in connection with Microsoft's "Global 

Construction" argument, discussed above, and should not be "back-doored" into the claims 

through the definition of specific terms. 

(3) Microsoft's definition of "secure" HPE requires software running in "protected 

(privileged) mode" and that a non-secure HPE be running in "user mode." The specifications 

contain no discussion stating or even implying any such requirement. While the specifications 

do discuss processors running in "protected" or "privileged" mode, these discussions have 

nothing to do with (and do not mention) HPEs. 16(E), 16(F), 16(G), 16(H). 

AA. Derive (Ex. A, Row 92, Ex. B, Row 1 1 , Ex. C, Tab 11). 

This is not a term of art and is not specially defined in the specification, in which it is 

used in its normal English sense. 1 1(A), 1 1(B), 1 1(C). InterTrust's proposed construction is 

based directly on the normal English definition. 1 1(E). 

Microsoft defines "derive" to mean "retrieve from a source." That "derive" is not limited 

to retrieval from a source is made clear by use of the term in the specification 1 1(D) and by the 

embodiment disclosed for the phrase from 900.155 in which the term "derive" is used, an 

embodiment that clearly contemplates generating information. Reiter Decl., 86. This is plain 

English: when one "derives a conclusion," one generates information by the application of 

reasoning to facts. One does not simply "retrieve" the conclusion from storage. 

BB. Derives information from one or more aspects of said host processing 
environment (Ex. A, Row 92, Ex. B 5 Row 29, Ex. C, Tab 29). 

InterTrust's construction interprets this phrase in accordance with the plain English 
meaning of its words. 

Microsoft requires that information be derived from the host processing environment 
hardware." No such requirement is imposed by the claim, which specifies merely an "aspect" 
f the host processing environment. The disclosed embodiment reveals using software (e.g., the 
ROM BIOS, which constitutes software) and stored "information" for this purpose. 29(A); 
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Reiter DecL, 84-85. Moreover, this contradicts Microsoft's definition of host processing 
environment, since that definition requires that a host processing environment be made up of 
programming, rather than hardware. 

Microsoft requires that the information "uniquely and persistently" identify the host 
processing environment. The claim includes no such requirement, stating only that the 
information be derived from "aspects" of the host processing environment, a term used to refer to 
features that may disappear. See Aspect, § O, above. 

CC. Compares/Comparison (Ex. A, Row 94, Ex. B, Row 5, Ex. C, Tab 5). 
These terms are not specially defined in the specification, but are used in accordance with 
their normal English meaning. See, e.g., 5(A), 5(B), 5(C), 5(D). InterTrust's definition is based 
on that normal meaning. 

Microsoft attempts to import additional limitations to this term, defining "compare" as 
limited to one particular type of microprocessor operation. The specification, however, does not 
discuss or even mention any such operation, and uses the word "compare" in its normal English 
sense, with no implication that a particular microprocessor operation is contemplated. 5(A), 
5(B), 5(C). One of ordinary skill in the art would not understand "compare" to refer to one 
particular type of microprocessor operation absent a clear reason to do so. Reiter DecL, 87-89. 
DD. Component Assembly (Ex. A, Row 99, Ex. B, Row 6, Ex. C, Tab 6). 
InterTrust's proposed definition is taken directly from the manner in which the term is 
used in the specification and file history. 6(A), 6(B), 6(K). 

Microsoft's definition requires that component assemblies be "created by a channel." 
The channel mechanism, however, is a preferred embodiment, not a claim element. 6(C). 

The Microsoft definition requires that a component assembly include load modules. 
Although component assemblies may include load modules, the specification describes this as a 
preferred embodiment and describes load modules as merely an example of component assembly 
components. 6(D), 6(E) (note use of "e.g."), 6(F) (note use of "e.g."). 

The Microsoft definition requires that a component assembly be assembled and executed 
in a Secure Processing Environment. This is directly contradicted by the specification. See 6(B) 
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(component assemblies may be assembled, loaded and executed in either an SPE or an HPE); 
6(G) ("certain" component assemblies require a secure execution space). See Protected 
Processing Environment (§ P), for an explanation of the differences between the SPE and HPE 
embodiments. 

EE. Identifying at least one aspect of an execution space required for use and/or 
execution of the load module (Ex. A, Row 103, Ex. B, Row 30, Ex. C, Tab 30) 

InterTrust's definition is based on the plain English meaning of this phrase, including the 
separately defined terms. Microsoft incorporates numerous limitations that are inconsistent with 
the specification and claims. 

(1) The Microsoft definition requires that an execution space without "all of those 
required aspects" is "incapable of making any such Use (e.g., Copying, displaying, printing) 
and/or execution of the load module." This implies that, if the execution space lacks these 
required aspects but is still capable of making one of the recited uses, the claim element is not 
met. The element, however, specifies that the execution space identifier identify an execution 
space required for use "and/or" execution of the load module. Thus, if the load module can be 
"used" without being "executed," the claim limitation is still met. 

(2) Microsoft requires that the identifier define "fully, without reference to any other 
information." No support exists for this in the claim or the specification, and the disclosed 
embodiment is inconsistent with this. Reiter Decl., ^ 9 1 -98. 

(3) Microsoft's definition includes the following: "used to distinguish it from other 
environments of an execution space." This phrase has no obvious meaning. 

// 
// 
// 
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I VI. CONCLUSION 

InterTnist's claim constructions rely on the straightforward plain English meaning of the 
I claim terms, informed by the teachings of the specifications. Microsoft's constructions 
contradict the specifications in many respects, and attempt to incorporate numerous limitations 
taken directly from preferred embodiments. Moreover, Microsoft's definitions are far longer and 
more complex than any patent claim definitions ever adopted by any Court. No jury could 
| possibly use those definitions in any meaningful way. 

Microsoft's convoluted and confusing claim constructions are not based on the plain 
I meanings of the terms, nor on the fundamental legal principles of claim construction. Instead, 
Microsoft can only avoid infringement if the InterTrust claims are so loaded up with extraneous 
detail that they become impossible to apply to any real world product or process. In doing so, 
Microsoft violates fundamental and settled Federal Circuit principles of claim construction, 
| including the prohibition against reading embodiments from the specifications into the claims. 

For the reasons set forth above, InterTrust respectfully requests that the Court adopt the 
[constructions proposed by InterTrust. 

| Dated: March 17, 2003 DERWIN & SIEGEL, LLP 



By: 





DOp€f]lAS K. 
AttoVo^s for Plaintiff 
INTERTRUST TECHNOLOGIES 
CORPORATION 
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